
Infected with ads


Posted on 10 Sep 2010 21:39

My PC is infected with ads every time I open a page. Here is the report:
OTL logfile created on: 10/09/2010 22:07:47 - Run 1
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\syl\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 72,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286,63 Gb Total Space | 193,51 Gb Free Space | 67,51% Space Free | Partition Type: NTFS
Drive D: | 11,46 Gb Total Space | 1,60 Gb Free Space | 13,92% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-DE-SYL
Current User Name: syl
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\syl\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files\Soft2PC\soft2pc.exe (Soft2PC)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Users\syl\AppData\Roaming\Soft2PC\Software\SoftwareHP.exe (EoRezo)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Internet Explorer\ieuser.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Cyberlink\PowerCinema\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\Cyberlink\PowerCinema\PCMAgent.exe (CyberLink Corp.)
PRC - C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - C:\Program Files\Cyberlink\PlayMovie\PMVService.exe (CyberLink Corp.)
PRC - C:\Garmin\gStart.exe (GARMIN Corp.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
PRC - C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe (Nuance Communications, Inc.)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\syl\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (Norton Internet Security) -- C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe File not found
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (SRTSPX) -- C:\Windows\System32\drivers\NIS\1000000.07D\SRTSPX.SYS File not found
DRV - (SRTSP) -- C:\Windows\System32\drivers\NIS\1000000.07D\SRTSP.SYS File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\NAVEX15.SYS File not found
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\NAVENG.SYS File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (PCDSRVC{4F253FFC-7957E8FC-06000000}_0) -- c:\program files\pc-doctor for windows\pcdsrvc.pkms (PC-Doctor, Inc.)
DRV - (nvrd32) -- C:\Windows\system32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (nvsmu) -- C:\Windows\system32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=93&bd=Presario&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {50bcbfa7-2a6a-41ed-9d96-34d2073a8943} - C:\Program Files\Oryte_Games_1\tbOryt.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=93&bd=Presario&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/portail
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {50bcbfa7-2a6a-41ed-9d96-34d2073a8943} - C:\Program Files\Oryte_Games_1\tbOryt.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (ShopperReports) - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReports.dll (SmartShopper Inc.)
O2 - BHO: (SOFT2PCBHO Class) - {3475D2C4-BBD1-4255-A70D-4125A4D30956} - C:\Program Files\Soft2PC\soft2pcBHO.dll (Soft2PC)
O2 - BHO: (Oryte Games 1 Toolbar) - {50bcbfa7-2a6a-41ed-9d96-34d2073a8943} - C:\Program Files\Oryte_Games_1\tbOryt.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Oryte Games 1 Toolbar) - {50bcbfa7-2a6a-41ed-9d96-34d2073a8943} - C:\Program Files\Oryte_Games_1\tbOryt.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Oryte Games 1 Toolbar) - {50BCBFA7-2A6A-41ED-9D96-34D2073A8943} - C:\Program Files\Oryte_Games_1\tbOryt.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [avast5] C:\Programmes\Alwil Software\Avast5\AvastUI.exe File not found
O4 - HKLM..\Run: [CLMLServer] c:\Program Files\Cyberlink\PowerCinema\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PCMAgent] c:\Program Files\CyberLink\PowerCinema\PCMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PlayMovie] c:\Program Files\CyberLink\PlayMovie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [soft2PC] C:\Program Files\Soft2PC\soft2pc.exe (Soft2PC)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] c:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [gStart] C:\Garmin\gStart.exe (GARMIN Corp.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Valve\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Helper] C:\Users\syl\AppData\Roaming\Soft2PC\Software\SoftwareHP.exe (EoRezo)
O4 - Startup: C:\Users\syl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReports.dll (SmartShopper Inc.)
O9 - Extra Button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReports.dll (SmartShopper Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\afantasy.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\afantasy.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{f7061951-90fa-11df-aa57-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/09/10 22:04:06 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\syl\Desktop\OTL.exe
[2010/09/06 22:52:15 | 000,000,000 | ---D | C] -- C:\Users\syl\Documents\CVitae
[2010/09/06 14:23:26 | 000,000,000 | R--D | C] -- C:\Users\syl\AppData\Roaming\Documents
[2010/09/06 14:06:04 | 000,000,000 | ---D | C] -- C:\Program Files\CVitaeV4
[2010/09/06 14:06:04 | 000,000,000 | ---D | C] -- C:\Users\syl\AppData\Roaming\CVitae
[2010/09/03 17:36:21 | 000,000,000 | ---D | C] -- C:\Users\syl\Documents\Google Earth
[2010/08/31 13:42:06 | 000,000,000 | ---D | C] -- C:\Users\syl\AppData\Roaming\PhotoFiltre Studio X
[2010/08/31 13:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre Studio X
[2010/08/30 15:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\QueryExplorer
[2010/08/30 15:10:14 | 000,000,000 | ---D | C] -- C:\Program Files\QueryExplorer
[2010/08/30 15:09:59 | 000,000,000 | ---D | C] -- C:\Users\syl\AppData\Roaming\ShopperReports3
[2010/08/30 15:09:59 | 000,000,000 | ---D | C] -- C:\Program Files\ShopperReports3
[2010/08/27 14:42:03 | 000,000,000 | ---D | C] -- C:\Users\syl\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/08/27 14:42:03 | 000,000,000 | ---D | C] -- C:\Users\syl\AppData\Roaming\app
[2010/08/19 12:35:51 | 000,000,000 | ---D | C] -- C:\Users\syl\Desktop\force dowload
[2010/08/18 21:46:43 | 000,000,000 | ---D | C] -- C:\Users\syl\Documents\Mon Garmin
[2010/08/18 21:46:40 | 000,000,000 | ---D | C] -- C:\ProgramData\GARMIN
[2010/08/18 21:46:39 | 000,000,000 | ---D | C] -- C:\Users\syl\AppData\Roaming\GARMIN
[2010/08/18 21:43:29 | 000,000,000 | ---D | C] -- C:\Garmin
[2010/08/18 21:43:23 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/08/18 21:43:05 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin
[2010/08/17 18:05:04 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/08/17 18:05:03 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/08/17 18:05:03 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/08/17 18:05:02 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/08/17 18:05:01 | 000,050,256 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/08/17 18:04:33 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010/08/17 18:04:33 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/09/10 22:06:39 | 002,359,296 | -HS- | M] () -- C:\Users\syl\NTUSER.DAT
[2010/09/10 22:04:15 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\syl\Desktop\OTL.exe
[2010/09/10 21:37:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/10 20:37:21 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/10 20:37:21 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/10 19:41:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/10 18:37:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/10 16:42:05 | 001,495,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/09/10 16:42:05 | 000,678,804 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/09/10 16:42:05 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/09/10 16:42:05 | 000,126,420 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/09/10 16:42:05 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/09/10 16:37:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/10 16:37:16 | 3085,402,112 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/10 16:05:32 | 000,524,288 | -HS- | M] () -- C:\Users\syl\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2010/09/10 16:05:32 | 000,065,536 | -HS- | M] () -- C:\Users\syl\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2010/09/09 22:27:30 | 003,523,040 | -H-- | M] () -- C:\Users\syl\AppData\Local\IconCache.db
[2010/09/06 22:51:37 | 000,012,625 | ---- | M] () -- C:\Users\syl\Documents\tom lettre motiv.odt
[2010/09/06 14:06:08 | 000,001,672 | ---- | M] () -- C:\Users\syl\Desktop\CVitae V4.lnk
[2010/09/03 17:44:01 | 000,000,939 | ---- | M] () -- C:\Users\syl\Desktop\Parcours_course.tcx
[2010/08/31 13:41:52 | 000,000,899 | ---- | M] () -- C:\Users\syl\Desktop\PhotoFiltre Studio X.lnk
[2010/08/30 19:16:39 | 000,000,680 | ---- | M] () -- C:\Users\syl\AppData\Local\d3d9caps.dat
[2010/08/27 19:21:12 | 000,001,620 | ---- | M] () -- C:\Users\syl\AppData\Roaming\wklnhst.dat
[2010/08/27 16:34:13 | 000,000,169 | ---- | M] () -- C:\Users\syl\AppData\Roaming\D2Info0
[2010/08/27 16:34:13 | 000,000,008 | ---- | M] () -- C:\Users\syl\AppData\Roaming\DofusAppId0_3
[2010/08/27 16:33:56 | 000,000,008 | ---- | M] () -- C:\Users\syl\AppData\Roaming\DofusAppId0_1
[2010/08/27 16:33:27 | 000,000,008 | ---- | M] () -- C:\Users\syl\AppData\Roaming\DofusAppId0_2
[2010/08/24 19:34:55 | 000,176,068 | ---- | M] () -- C:\Users\syl\Documents\murielle cv2.odt
[2010/08/24 18:54:12 | 000,001,678 | ---- | M] () -- C:\Users\syl\Documents\cv murielle0.odb
[2010/08/24 18:20:29 | 000,001,056 | ---- | M] () -- C:\Users\syl\Desktop\IMG - Raccourci (2).lnk
[2010/08/24 18:20:09 | 000,001,056 | ---- | M] () -- C:\Users\syl\Desktop\IMG - Raccourci.lnk
[2010/08/24 18:14:31 | 000,253,494 | ---- | M] () -- C:\Users\syl\Documents\cv murielle.pdf
[2010/08/23 12:19:36 | 000,000,939 | ---- | M] () -- C:\Users\syl\Desktop\syl_courses.tcx
[2010/08/22 21:04:58 | 003,483,739 | ---- | M] () -- C:\Users\syl\Desktop\22_08_2010 10_10_24_history.tcx
[2010/08/22 19:32:03 | 000,001,961 | ---- | M] () -- C:\Users\syl\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/22 19:31:32 | 000,002,079 | ---- | M] () -- C:\Users\syl\Desktop\Google Earth.lnk
[2010/08/17 18:05:04 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/08/17 18:05:01 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/08/14 21:29:51 | 000,015,360 | ---- | M] () -- C:\Users\syl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/12 13:37:24 | 000,311,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/09/06 22:48:10 | 000,012,625 | ---- | C] () -- C:\Users\syl\Documents\tom lettre motiv.odt
[2010/09/06 14:06:08 | 000,001,672 | ---- | C] () -- C:\Users\syl\Desktop\CVitae V4.lnk
[2010/09/03 17:44:01 | 000,000,939 | ---- | C] () -- C:\Users\syl\Desktop\Parcours_course.tcx
[2010/09/03 17:26:39 | 000,002,079 | ---- | C] () -- C:\Users\syl\Desktop\Google Earth.lnk
[2010/08/31 13:41:52 | 000,000,899 | ---- | C] () -- C:\Users\syl\Desktop\PhotoFiltre Studio X.lnk
[2010/08/30 19:16:39 | 000,000,680 | ---- | C] () -- C:\Users\syl\AppData\Local\d3d9caps.dat
[2010/08/24 19:34:53 | 000,176,068 | ---- | C] () -- C:\Users\syl\Documents\murielle cv2.odt
[2010/08/24 18:54:12 | 000,001,678 | ---- | C] () -- C:\Users\syl\Documents\cv murielle0.odb
[2010/08/24 18:24:34 | 000,253,494 | ---- | C] () -- C:\Users\syl\Documents\cv murielle.pdf
[2010/08/24 18:20:29 | 000,001,056 | ---- | C] () -- C:\Users\syl\Desktop\IMG - Raccourci (2).lnk
[2010/08/24 18:20:09 | 000,001,056 | ---- | C] () -- C:\Users\syl\Desktop\IMG - Raccourci.lnk
[2010/08/22 21:04:58 | 003,483,739 | ---- | C] () -- C:\Users\syl\Desktop\22_08_2010 10_10_24_history.tcx
[2010/08/22 19:32:03 | 000,001,961 | ---- | C] () -- C:\Users\syl\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/21 13:44:46 | 000,000,939 | ---- | C] () -- C:\Users\syl\Desktop\syl_courses.tcx
[2010/08/17 18:05:04 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/07/06 15:12:16 | 000,000,008 | ---- | C] () -- C:\Users\syl\AppData\Roaming\DofusAppId0_3
[2010/07/06 15:06:28 | 000,000,008 | ---- | C] () -- C:\Users\syl\AppData\Roaming\DofusAppId0_1
[2010/07/06 14:42:51 | 000,000,169 | ---- | C] () -- C:\Users\syl\AppData\Roaming\D2Info0
[2010/07/06 14:42:51 | 000,000,008 | ---- | C] () -- C:\Users\syl\AppData\Roaming\DofusAppId0_2
[2010/07/05 21:51:53 | 000,031,007 | ---- | C] () -- C:\Users\syl\AppData\Roaming\UserTile.png
[2010/04/03 19:28:10 | 000,015,360 | ---- | C] () -- C:\Users\syl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/09 19:54:48 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2010/02/05 13:53:56 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/02/02 22:27:16 | 000,001,620 | ---- | C] () -- C:\Users\syl\AppData\Roaming\wklnhst.dat
[2009/05/11 10:51:40 | 000,000,108 | ---- | C] () -- C:\ProgramData\{2637C347-9DAD-11D6-9EA2-00055D0CA761}.log
[2009/05/11 10:21:52 | 000,354,816 | ---- | C] () -- C:\Windows\System32\pythoncom26.dll
[2009/05/11 10:21:52 | 000,108,032 | ---- | C] () -- C:\Windows\System32\pywintypes26.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
[color=#A23BEC]< MD5 for: EVENTLOG.DLL  >[/color]
[2007/05/17 21:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\Cyberlink\PowerDirector\EventLog.dll
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVRD32.SYS  >[/color]
[2008/11/12 19:02:46 | 000,133,152 | ---- | M] (NVIDIA Corporation) MD5=5DD1242CABC1EF8DCE4438D72D72A436 -- C:\Windows\System32\drivers\nvrd32.sys
[2008/11/12 19:02:46 | 000,133,152 | ---- | M] (NVIDIA Corporation) MD5=5DD1242CABC1EF8DCE4438D72D72A436 -- C:\Windows\System32\DriverStore\FileRepository\nvrd32.inf_82585807\nvrd32.sys
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2008/01/21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2008/01/21 04:34:07 | 000,347,136 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtmsft.dll
[2008/01/21 04:34:07 | 000,214,528 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtrans.dll
[2009/04/11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll
[2009/04/11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#A23BEC]<  >[/color]
 
[color=#A23BEC]<  >[/color]
 
[color=#A23BEC]<  >[/color]
 
[color=#A23BEC]<  >[/color]
 
[color=#A23BEC]<  >[/color]
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 16 bytes -> C:\Users\syl\Downloads:Shareaza.GUID
< End of


EDIT:

Here is the second report
Code:
OTL Extras logfile created on: 10/09/2010 22:07:47 - Run 1
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\syl\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 72,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286,63 Gb Total Space | 193,51 Gb Free Space | 67,51% Space Free | Partition Type: NTFS
Drive D: | 11,46 Gb Total Space | 1,60 Gb Free Space | 13,92% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-DE-SYL
Current User Name: syl
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E7D879F-5122-4612-9BF8-2114A223FB13}" = rport=445 | protocol=6 | dir=out | app=system |
"{11AE040D-65AD-4F2F-9E9B-32C566D81955}" = lport=445 | protocol=6 | dir=in | app=system |
"{1C18AE1D-4115-479A-B980-FFE6AD8E2C7A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{26EAFCD5-2CA2-4915-B15F-927DA3511F9B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{2CDF4745-E251-4651-A5FD-1882E7A02252}" = lport=137 | protocol=17 | dir=in | app=system |
"{31F3DC8B-516A-4EBB-BC81-62B7AE939BBE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{420023BC-354B-4DAE-87EC-0F74E9235A50}" = lport=138 | protocol=17 | dir=in | app=system |
"{463A38E5-02F5-4231-AA27-0585F912FF52}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{52A83A40-7E0D-445B-8DF5-0AD15EF42830}" = rport=139 | protocol=6 | dir=out | app=system |
"{62C17CD2-65D1-46F2-A1D1-820F3164E9BF}" = rport=137 | protocol=17 | dir=out | app=system |
"{70BB53C8-3505-4207-B9E4-9826F7DF886B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7536B8A1-58D7-463E-8C7F-258E8FD8AF9C}" = lport=139 | protocol=6 | dir=in | app=system |
"{91639E8B-949A-4373-BE9C-70B77DB16D40}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9BA36207-DAC5-43FC-B719-C820D6847EE8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BBEA0EC6-4A9C-41EB-AE7F-F7F7437C9BED}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BE62D812-9DA1-4B75-B78E-7340E975AF08}" = rport=138 | protocol=17 | dir=out | app=system |
"{DD1A9D0B-C20C-4DA8-846F-A53C7CDEB305}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F21361F2-2651-4117-AA7E-E3B292159DC3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F7CFF6F6-A6CA-45AD-9B39-D2A5C48FE1A1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FDBBAB24-9BF3-4B9A-818F-3F8BFCBBD727}" = lport=2869 | protocol=6 | dir=in | app=system |
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{195BB018-89CB-4EEA-A56C-B225F30FFBF3}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{230BD48E-FD8D-44B0-B533-2D140B46839A}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dms\clmsservice.exe |
"{36598543-A49A-4059-81E3-48B634E82758}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3790DE48-33D1-4BB9-A51A-34A307C000F2}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dmp\clbrowserengine.exe |
"{40D9ED88-AE7D-4951-926C-D506016FD55B}" = dir=in | app=c:\program files\cyberlink\powercinema\powercinema.exe |
"{5738A39C-CF86-4331-98C0-4EB2A7C75242}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5F57F3BC-6F02-476C-A9E1-D49DFAF7F9D3}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{67E3BE7D-6D1F-421E-8DD5-F1EDA15EC3C5}" = dir=in | app=c:\program files\cyberlink\powercinema\pcmservice.exe |
"{70D77BA1-558B-427E-91C7-6C3EC5297082}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{72E990D6-6B57-4EE0-BBC0-AE70533901F2}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{79451015-CE9E-4809-84DF-0EDD3E7AD7DC}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{83FB3EFE-62CC-4459-8109-6097BED00D97}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{902E13E5-D803-4A14-AC38-9DEC2B64D22D}" = dir=in | app=c:\program files\cyberlink\playmovie\playmovie.exe |
"{AC09BAF9-F1BE-433D-8D67-699290613EC7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AC25CBDB-A16B-4F82-9B15-C775ED4AD985}" = dir=in | app=c:\program files\cyberlink\playmovie\pmvservice.exe |
"{B755869D-FDD2-443D-92E8-14EAFF893EC5}" = protocol=6 | dir=in | app=c:\program files\valve\steam\steam.exe |
"{D42A939E-8FCB-427B-B9B8-EE56333E1F90}" = protocol=17 | dir=in | app=c:\program files\valve\steam\steam.exe |
"{E3581E66-7468-4769-8BC4-8903268C3208}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"TCP Query User{0A33DA54-2497-4CCB-B35E-0A14351DF51D}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{31BDA794-B441-40DF-9368-ED47BF7BE157}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{AEFCAD5B-D150-4A0B-BCC2-CAA4928D8AB6}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{CDF370D0-5E6F-4393-BFFD-0D585C3A0A0C}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{446ADCA4-4F21-4449-83E0-E33B32D95115}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{8C38E226-EF2C-4572-A38E-932ADD7FF7AE}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{9A1B9435-5D14-4DEF-BB40-1DA87E8ABB7B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{A73BA16B-35BF-4FF4-A7ED-E021159A8728}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0295F89F-F698-4101-9A7D-49F407EC2D82}" = HP Active Support Library
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP520_series" = Canon MP520 series
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1CC069FA-1A86-402E-9787-3F04E652C67A}" = HP Support Information
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema
"{2A03B9F8-BE6D-43C6-A16A-B9998A194AF0}" = Garmin Training Center
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{784BEA84-FA66-4B19-BB80-7B545F248AC6}" = HP Total Care Setup
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97B3824E-B2D2-4C49-A860-BCA56F10B040}" = OpenOffice.org 3.2
"{9CC89170-000B-457D-91F1-53691F85B223}" = Python 2.6.1
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.3 - Français
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B84739A3-F943-47E4-95D8-96381EF5AC48}" = HP Customer Experience Enhancements
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{BF1EC9C0-9C10-11DF-BBC7-005056C00008}" = Google Earth
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7D1D93A-B17A-41F8-9070-0B2A544C6165}" = LEGO Star Wars Demo Disc
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AOL Toolbar" = AOL Toolbar 5.0
"avast5" = avast! Free Antivirus
"CANONIJPLM100" = PIXMA Extended Survey Program
"EasyBits Magic Desktop" = Magic Desktop
"eMule" = eMule
"Enregistrement utilisateur de Canon MP520 series" = Enregistrement utilisateur de Canon MP520 series
"Google Chrome" = Google Chrome
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{F7D1D93A-B17A-41F8-9070-0B2A544C6165}" = LEGO Star Wars Demo Disc
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeTrial" = Version de démonstration de Microsoft Office Home and Student 2007
"Oryte_Games_1 Toolbar" = Oryte_Games_1 Toolbar
"PC-Doctor for Windows" = Outils de diagnostic du matériel
"pywin32-py2.6" = Python 2.6 pywin32-212
"ShopperReportsSA" = ShopperReports
"Soft2PC_is1" = Soft2PC 1.4
"Software_is1" = Software 1.3
"VLC media player" = VLC media player 1.0.5
"Vuze_Remote Toolbar" = Vuze_Remote Toolbar
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Installation Windows Live
"Zylom Games Player Plugin" = Zylom Games Player Plugin
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CVitaeV4" = CVitaeV4
"PhotoFiltre Studio X" = PhotoFiltre Studio X
"Xango Tango Deluxe" = Xango Tango Deluxe
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 02/09/2010 08:13:01 | Computer Name = PC-de-syl | Source = WinMgmt | ID = 10
Description =
 
Error - 02/09/2010 11:41:14 | Computer Name = PC-de-syl | Source = WinMgmt | ID = 10
Description =
 
Error - 02/09/2010 13:53:41 | Computer Name = PC-de-syl | Source = WinMgmt | ID = 10
Description =
 
Error - 02/09/2010 14:37:28 | Computer Name = PC-de-syl | Source = Google Update | ID = 20
Description =
 
Error - 02/09/2010 14:39:19 | Computer Name = PC-de-syl | Source = RasClient | ID = 20227
Description =
 
Error - 02/09/2010 14:52:26 | Computer Name = PC-de-syl | Source = RasClient | ID = 20227
Description =
 
Error - 03/09/2010 10:15:52 | Computer Name = PC-de-syl | Source = WinMgmt | ID = 10
Description =
 
Error - 03/09/2010 14:42:37 | Computer Name = PC-de-syl | Source = VSS | ID = 8194
Description =
 
Error - 04/09/2010 05:16:07 | Computer Name = PC-de-syl | Source = WinMgmt | ID = 10
Description =
 
Error - 05/09/2010 05:26:52 | Computer Name = PC-de-syl | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 09/09/2010 12:42:38 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7000
Description =
 
Error - 09/09/2010 12:42:38 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7026
Description =
 
Error - 09/09/2010 12:42:38 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7009
Description =
 
Error - 09/09/2010 12:42:38 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7000
Description =
 
Error - 10/09/2010 09:44:54 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7000
Description =
 
Error - 10/09/2010 09:44:54 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7000
Description =
 
Error - 10/09/2010 09:44:54 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7026
Description =
 
Error - 10/09/2010 10:39:06 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7000
Description =
 
Error - 10/09/2010 10:39:06 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7000
Description =
 
Error - 10/09/2010 10:39:06 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7026
Description =
 
 
< End of repor


EDIT Skynet: [code] tags added; please read the instructions at the top of the thread.
le bihan
Visitor

Posts: 4
Joined: 10 Sep 2010 21:26
 


Posted on 10 Sep 2010 21:52

Good evening,

You have an EDIT button if needed; that is clearer than posting right after....... yourself.

Please also respect the box, clearly visible and in red, that appears at the top of the thread and is displayed a second time when you post.

Good luck.
Skynet
Moderator

Posts: 14807
Joined: 19 Jul 2007 21:12
 

Re: infected with ads

Posted on 10 Sep 2010 22:01

Sorry, but I am a bit lost.
BBCode, code, report, code? I don't really know how to find these codes. Thanks.
PC beginner
le bihan
Visitor

Posts: 4
Joined: 10 Sep 2010 21:26
 

Posted on 10 Sep 2010 22:06

No problem.

You just need to write two words: one at the start of the report, which is [code], and the second at the end of the report, which differs slightly: [/code]

And that's all ;).
Skynet
Moderator

Posts: 14807
Joined: 19 Jul 2007 21:12
 

Re: infected with ads

Posted on 10 Sep 2010 22:14

Hi :)

Indeed, there is quite a crowd in there ;)

We are going to clean all of that up!!


Download

AD-REMOVER

HELP IN PICTURES

If you are running Vista or Windows 7:
You must disable UAC for the duration of the disinfection.
If you have TeaTimer, Spybot's resident module, disable it because it may interfere with the disinfection:
Start Spybot, click Mode, and tick Advanced mode.
On the left, click Tools, then Resident.
Untick the box in front of Resident "TeaTimer", then quit Spybot.
Disconnect from the internet and close all running applications.
Double-click the installer;
Click Download and save it to your desktop.
Double-click the AD-Remover icon located on your Desktop.

** For Vista: right-click, "Run as administrator". In the main menu, choose the Clean option.
A window asks "Do you confirm your action?"; click Yes.
The tool starts its search... Let it work!
Once the scan is finished, a window will appear.
Post (copy-paste) the report that appears at the end.
You will also find the report at C:\Ad-report(date).log

CTRL+A to select all, CTRL+C to copy and CTRL+V to paste


Note:
"Process.exe" is a component of the tool and may be detected by some antivirus programs as an infection; disregard this: it is a false positive


Next:::

Install:

Malwarebytes' Antimalware

*** Update it, then choose Perform full scan

*** If an infection is found, tick the box next to it and confirm with the Remove Selected tab

Post the final report.

*** It is advisable to disable Tea-Timer if you have Spybot-S&D, just for the duration of the scan.

Here is how: launch Spybot-S&D, switch to Advanced mode via the Mode menu (at the top) --> click Yes --> choose Tools in the navigation bar on the left --> Resident, and there you can untick the boxes in front of the two tools.


DON'T FORGET THE AD-REMOVER AND MALWAREBYTES REPORTS!!! ;)
Del-crosseur
Expert

Posts: 1833
Joined: 08 Jun 2009 06:46
Location: Nord-(59)
 

Re: infected with ads

Posted on 10 Sep 2010 22:24

Code:
OTL logfile created on: 10/09/2010 22:07:47 - Run 1
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\syl\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 72,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286,63 Gb Total Space | 193,51 Gb Free Space | 67,51% Space Free | Partition Type: NTFS
Drive D: | 11,46 Gb Total Space | 1,60 Gb Free Space | 13,92% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-DE-SYL
Current User Name: syl
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\syl\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files\Soft2PC\soft2pc.exe (Soft2PC)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Users\syl\AppData\Roaming\Soft2PC\Software\SoftwareHP.exe (EoRezo)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Internet Explorer\ieuser.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Cyberlink\PowerCinema\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\Cyberlink\PowerCinema\PCMAgent.exe (CyberLink Corp.)
PRC - C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - C:\Program Files\Cyberlink\PlayMovie\PMVService.exe (CyberLink Corp.)
PRC - C:\Garmin\gStart.exe (GARMIN Corp.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
PRC - C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe (Nuance Communications, Inc.)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\syl\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (Norton Internet Security) -- C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe File not found
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (SRTSPX) -- C:\Windows\System32\drivers\NIS\1000000.07D\SRTSPX.SYS File not found
DRV - (SRTSP) -- C:\Windows\System32\drivers\NIS\1000000.07D\SRTSP.SYS File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\NAVEX15.SYS File not found
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\NAVENG.SYS File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (PCDSRVC{4F253FFC-7957E8FC-06000000}_0) -- c:\program files\pc-doctor for windows\pcdsrvc.pkms (PC-Doctor, Inc.)
DRV - (nvrd32) -- C:\Windows\system32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (nvsmu) -- C:\Windows\system32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=93&bd=Presario&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {50bcbfa7-2a6a-41ed-9d96-34d2073a8943} - C:\Program Files\Oryte_Games_1\tbOryt.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=93&bd=Presario&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/portail
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {50bcbfa7-2a6a-41ed-9d96-34d2073a8943} - C:\Program Files\Oryte_Games_1\tbOryt.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (ShopperReports) - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReports.dll (SmartShopper Inc.)
O2 - BHO: (SOFT2PCBHO Class) - {3475D2C4-BBD1-4255-A70D-4125A4D30956} - C:\Program Files\Soft2PC\soft2pcBHO.dll (Soft2PC)
O2 - BHO: (Oryte Games 1 Toolbar) - {50bcbfa7-2a6a-41ed-9d96-34d2073a8943} - C:\Program Files\Oryte_Games_1\tbOryt.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Oryte Games 1 Toolbar) - {50bcbfa7-2a6a-41ed-9d96-34d2073a8943} - C:\Program Files\Oryte_Games_1\tbOryt.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Oryte Games 1 Toolbar) - {50BCBFA7-2A6A-41ED-9D96-34D2073A8943} - C:\Program Files\Oryte_Games_1\tbOryt.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [avast5] C:\Programmes\Alwil Software\Avast5\AvastUI.exe File not found
O4 - HKLM..\Run: [CLMLServer] c:\Program Files\Cyberlink\PowerCinema\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PCMAgent] c:\Program Files\CyberLink\PowerCinema\PCMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PlayMovie] c:\Program Files\CyberLink\PlayMovie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [soft2PC] C:\Program Files\Soft2PC\soft2pc.exe (Soft2PC)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] c:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [gStart] C:\Garmin\gStart.exe (GARMIN Corp.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Valve\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Helper] C:\Users\syl\AppData\Roaming\Soft2PC\Software\SoftwareHP.exe (EoRezo)
O4 - Startup: C:\Users\syl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReports.dll (SmartShopper Inc.)
O9 - Extra Button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReports.dll (SmartShopper Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\afantasy.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\afantasy.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{f7061951-90fa-11df-aa57-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/09/10 22:04:06 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\syl\Desktop\OTL.exe
[2010/09/06 22:52:15 | 000,000,000 | ---D | C] -- C:\Users\syl\Documents\CVitae
[2010/09/06 14:23:26 | 000,000,000 | R--D | C] -- C:\Users\syl\AppData\Roaming\Documents
[2010/09/06 14:06:04 | 000,000,000 | ---D | C] -- C:\Program Files\CVitaeV4
[2010/09/06 14:06:04 | 000,000,000 | ---D | C] -- C:\Users\syl\AppData\Roaming\CVitae
[2010/09/03 17:36:21 | 000,000,000 | ---D | C] -- C:\Users\syl\Documents\Google Earth
[2010/08/31 13:42:06 | 000,000,000 | ---D | C] -- C:\Users\syl\AppData\Roaming\PhotoFiltre Studio X
[2010/08/31 13:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre Studio X
[2010/08/30 15:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\QueryExplorer
[2010/08/30 15:10:14 | 000,000,000 | ---D | C] -- C:\Program Files\QueryExplorer
[2010/08/30 15:09:59 | 000,000,000 | ---D | C] -- C:\Users\syl\AppData\Roaming\ShopperReports3
[2010/08/30 15:09:59 | 000,000,000 | ---D | C] -- C:\Program Files\ShopperReports3
[2010/08/27 14:42:03 | 000,000,000 | ---D | C] -- C:\Users\syl\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/08/27 14:42:03 | 000,000,000 | ---D | C] -- C:\Users\syl\AppData\Roaming\app
[2010/08/19 12:35:51 | 000,000,000 | ---D | C] -- C:\Users\syl\Desktop\force dowload
[2010/08/18 21:46:43 | 000,000,000 | ---D | C] -- C:\Users\syl\Documents\Mon Garmin
[2010/08/18 21:46:40 | 000,000,000 | ---D | C] -- C:\ProgramData\GARMIN
[2010/08/18 21:46:39 | 000,000,000 | ---D | C] -- C:\Users\syl\AppData\Roaming\GARMIN
[2010/08/18 21:43:29 | 000,000,000 | ---D | C] -- C:\Garmin
[2010/08/18 21:43:23 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/08/18 21:43:05 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin
[2010/08/17 18:05:04 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/08/17 18:05:03 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/08/17 18:05:03 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/08/17 18:05:02 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/08/17 18:05:01 | 000,050,256 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/08/17 18:04:33 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010/08/17 18:04:33 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/09/10 22:06:39 | 002,359,296 | -HS- | M] () -- C:\Users\syl\NTUSER.DAT
[2010/09/10 22:04:15 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\syl\Desktop\OTL.exe
[2010/09/10 21:37:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/10 20:37:21 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/10 20:37:21 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/10 19:41:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/10 18:37:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/10 16:42:05 | 001,495,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/09/10 16:42:05 | 000,678,804 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/09/10 16:42:05 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/09/10 16:42:05 | 000,126,420 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/09/10 16:42:05 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/09/10 16:37:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/10 16:37:16 | 3085,402,112 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/10 16:05:32 | 000,524,288 | -HS- | M] () -- C:\Users\syl\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2010/09/10 16:05:32 | 000,065,536 | -HS- | M] () -- C:\Users\syl\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2010/09/09 22:27:30 | 003,523,040 | -H-- | M] () -- C:\Users\syl\AppData\Local\IconCache.db
[2010/09/06 22:51:37 | 000,012,625 | ---- | M] () -- C:\Users\syl\Documents\tom lettre motiv.odt
[2010/09/06 14:06:08 | 000,001,672 | ---- | M] () -- C:\Users\syl\Desktop\CVitae V4.lnk
[2010/09/03 17:44:01 | 000,000,939 | ---- | M] () -- C:\Users\syl\Desktop\Parcours_course.tcx
[2010/08/31 13:41:52 | 000,000,899 | ---- | M] () -- C:\Users\syl\Desktop\PhotoFiltre Studio X.lnk
[2010/08/30 19:16:39 | 000,000,680 | ---- | M] () -- C:\Users\syl\AppData\Local\d3d9caps.dat
[2010/08/27 19:21:12 | 000,001,620 | ---- | M] () -- C:\Users\syl\AppData\Roaming\wklnhst.dat
[2010/08/27 16:34:13 | 000,000,169 | ---- | M] () -- C:\Users\syl\AppData\Roaming\D2Info0
[2010/08/27 16:34:13 | 000,000,008 | ---- | M] () -- C:\Users\syl\AppData\Roaming\DofusAppId0_3
[2010/08/27 16:33:56 | 000,000,008 | ---- | M] () -- C:\Users\syl\AppData\Roaming\DofusAppId0_1
[2010/08/27 16:33:27 | 000,000,008 | ---- | M] () -- C:\Users\syl\AppData\Roaming\DofusAppId0_2
[2010/08/24 19:34:55 | 000,176,068 | ---- | M] () -- C:\Users\syl\Documents\murielle cv2.odt
[2010/08/24 18:54:12 | 000,001,678 | ---- | M] () -- C:\Users\syl\Documents\cv murielle0.odb
[2010/08/24 18:20:29 | 000,001,056 | ---- | M] () -- C:\Users\syl\Desktop\IMG - Raccourci (2).lnk
[2010/08/24 18:20:09 | 000,001,056 | ---- | M] () -- C:\Users\syl\Desktop\IMG - Raccourci.lnk
[2010/08/24 18:14:31 | 000,253,494 | ---- | M] () -- C:\Users\syl\Documents\cv murielle.pdf
[2010/08/23 12:19:36 | 000,000,939 | ---- | M] () -- C:\Users\syl\Desktop\syl_courses.tcx
[2010/08/22 21:04:58 | 003,483,739 | ---- | M] () -- C:\Users\syl\Desktop\22_08_2010 10_10_24_history.tcx
[2010/08/22 19:32:03 | 000,001,961 | ---- | M] () -- C:\Users\syl\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/22 19:31:32 | 000,002,079 | ---- | M] () -- C:\Users\syl\Desktop\Google Earth.lnk
[2010/08/17 18:05:04 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/08/17 18:05:01 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/08/14 21:29:51 | 000,015,360 | ---- | M] () -- C:\Users\syl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/12 13:37:24 | 000,311,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/09/06 22:48:10 | 000,012,625 | ---- | C] () -- C:\Users\syl\Documents\tom lettre motiv.odt
[2010/09/06 14:06:08 | 000,001,672 | ---- | C] () -- C:\Users\syl\Desktop\CVitae V4.lnk
[2010/09/03 17:44:01 | 000,000,939 | ---- | C] () -- C:\Users\syl\Desktop\Parcours_course.tcx
[2010/09/03 17:26:39 | 000,002,079 | ---- | C] () -- C:\Users\syl\Desktop\Google Earth.lnk
[2010/08/31 13:41:52 | 000,000,899 | ---- | C] () -- C:\Users\syl\Desktop\PhotoFiltre Studio X.lnk
[2010/08/30 19:16:39 | 000,000,680 | ---- | C] () -- C:\Users\syl\AppData\Local\d3d9caps.dat
[2010/08/24 19:34:53 | 000,176,068 | ---- | C] () -- C:\Users\syl\Documents\murielle cv2.odt
[2010/08/24 18:54:12 | 000,001,678 | ---- | C] () -- C:\Users\syl\Documents\cv murielle0.odb
[2010/08/24 18:24:34 | 000,253,494 | ---- | C] () -- C:\Users\syl\Documents\cv murielle.pdf
[2010/08/24 18:20:29 | 000,001,056 | ---- | C] () -- C:\Users\syl\Desktop\IMG - Raccourci (2).lnk
[2010/08/24 18:20:09 | 000,001,056 | ---- | C] () -- C:\Users\syl\Desktop\IMG - Raccourci.lnk
[2010/08/22 21:04:58 | 003,483,739 | ---- | C] () -- C:\Users\syl\Desktop\22_08_2010 10_10_24_history.tcx
[2010/08/22 19:32:03 | 000,001,961 | ---- | C] () -- C:\Users\syl\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/21 13:44:46 | 000,000,939 | ---- | C] () -- C:\Users\syl\Desktop\syl_courses.tcx
[2010/08/17 18:05:04 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/07/06 15:12:16 | 000,000,008 | ---- | C] () -- C:\Users\syl\AppData\Roaming\DofusAppId0_3
[2010/07/06 15:06:28 | 000,000,008 | ---- | C] () -- C:\Users\syl\AppData\Roaming\DofusAppId0_1
[2010/07/06 14:42:51 | 000,000,169 | ---- | C] () -- C:\Users\syl\AppData\Roaming\D2Info0
[2010/07/06 14:42:51 | 000,000,008 | ---- | C] () -- C:\Users\syl\AppData\Roaming\DofusAppId0_2
[2010/07/05 21:51:53 | 000,031,007 | ---- | C] () -- C:\Users\syl\AppData\Roaming\UserTile.png
[2010/04/03 19:28:10 | 000,015,360 | ---- | C] () -- C:\Users\syl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/09 19:54:48 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2010/02/05 13:53:56 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/02/02 22:27:16 | 000,001,620 | ---- | C] () -- C:\Users\syl\AppData\Roaming\wklnhst.dat
[2009/05/11 10:51:40 | 000,000,108 | ---- | C] () -- C:\ProgramData\{2637C347-9DAD-11D6-9EA2-00055D0CA761}.log
[2009/05/11 10:21:52 | 000,354,816 | ---- | C] () -- C:\Windows\System32\pythoncom26.dll
[2009/05/11 10:21:52 | 000,108,032 | ---- | C] () -- C:\Windows\System32\pywintypes26.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
[color=#A23BEC]< MD5 for: EVENTLOG.DLL  >[/color]
[2007/05/17 21:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\Cyberlink\PowerDirector\EventLog.dll
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVRD32.SYS  >[/color]
[2008/11/12 19:02:46 | 000,133,152 | ---- | M] (NVIDIA Corporation) MD5=5DD1242CABC1EF8DCE4438D72D72A436 -- C:\Windows\System32\drivers\nvrd32.sys
[2008/11/12 19:02:46 | 000,133,152 | ---- | M] (NVIDIA Corporation) MD5=5DD1242CABC1EF8DCE4438D72D72A436 -- C:\Windows\System32\DriverStore\FileRepository\nvrd32.inf_82585807\nvrd32.sys
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2008/01/21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2008/01/21 04:34:07 | 000,347,136 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtmsft.dll
[2008/01/21 04:34:07 | 000,214,528 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtrans.dll
[2009/04/11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll
[2009/04/11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 16 bytes -> C:\Users\syl\Downloads:Shareaza.GUID
< End of report >

OTL Extras logfile created on: 10/09/2010 22:07:47 - Run 1
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\syl\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 72,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286,63 Gb Total Space | 193,51 Gb Free Space | 67,51% Space Free | Partition Type: NTFS
Drive D: | 11,46 Gb Total Space | 1,60 Gb Free Space | 13,92% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-DE-SYL
Current User Name: syl
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E7D879F-5122-4612-9BF8-2114A223FB13}" = rport=445 | protocol=6 | dir=out | app=system |
"{11AE040D-65AD-4F2F-9E9B-32C566D81955}" = lport=445 | protocol=6 | dir=in | app=system |
"{1C18AE1D-4115-479A-B980-FFE6AD8E2C7A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{26EAFCD5-2CA2-4915-B15F-927DA3511F9B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{2CDF4745-E251-4651-A5FD-1882E7A02252}" = lport=137 | protocol=17 | dir=in | app=system |
"{31F3DC8B-516A-4EBB-BC81-62B7AE939BBE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{420023BC-354B-4DAE-87EC-0F74E9235A50}" = lport=138 | protocol=17 | dir=in | app=system |
"{463A38E5-02F5-4231-AA27-0585F912FF52}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{52A83A40-7E0D-445B-8DF5-0AD15EF42830}" = rport=139 | protocol=6 | dir=out | app=system |
"{62C17CD2-65D1-46F2-A1D1-820F3164E9BF}" = rport=137 | protocol=17 | dir=out | app=system |
"{70BB53C8-3505-4207-B9E4-9826F7DF886B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7536B8A1-58D7-463E-8C7F-258E8FD8AF9C}" = lport=139 | protocol=6 | dir=in | app=system |
"{91639E8B-949A-4373-BE9C-70B77DB16D40}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9BA36207-DAC5-43FC-B719-C820D6847EE8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BBEA0EC6-4A9C-41EB-AE7F-F7F7437C9BED}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BE62D812-9DA1-4B75-B78E-7340E975AF08}" = rport=138 | protocol=17 | dir=out | app=system |
"{DD1A9D0B-C20C-4DA8-846F-A53C7CDEB305}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F21361F2-2651-4117-AA7E-E3B292159DC3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F7CFF6F6-A6CA-45AD-9B39-D2A5C48FE1A1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FDBBAB24-9BF3-4B9A-818F-3F8BFCBBD727}" = lport=2869 | protocol=6 | dir=in | app=system |
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{195BB018-89CB-4EEA-A56C-B225F30FFBF3}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{230BD48E-FD8D-44B0-B533-2D140B46839A}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dms\clmsservice.exe |
"{36598543-A49A-4059-81E3-48B634E82758}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3790DE48-33D1-4BB9-A51A-34A307C000F2}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dmp\clbrowserengine.exe |
"{40D9ED88-AE7D-4951-926C-D506016FD55B}" = dir=in | app=c:\program files\cyberlink\powercinema\powercinema.exe |
"{5738A39C-CF86-4331-98C0-4EB2A7C75242}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5F57F3BC-6F02-476C-A9E1-D49DFAF7F9D3}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{67E3BE7D-6D1F-421E-8DD5-F1EDA15EC3C5}" = dir=in | app=c:\program files\cyberlink\powercinema\pcmservice.exe |
"{70D77BA1-558B-427E-91C7-6C3EC5297082}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{72E990D6-6B57-4EE0-BBC0-AE70533901F2}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{79451015-CE9E-4809-84DF-0EDD3E7AD7DC}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{83FB3EFE-62CC-4459-8109-6097BED00D97}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{902E13E5-D803-4A14-AC38-9DEC2B64D22D}" = dir=in | app=c:\program files\cyberlink\playmovie\playmovie.exe |
"{AC09BAF9-F1BE-433D-8D67-699290613EC7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AC25CBDB-A16B-4F82-9B15-C775ED4AD985}" = dir=in | app=c:\program files\cyberlink\playmovie\pmvservice.exe |
"{B755869D-FDD2-443D-92E8-14EAFF893EC5}" = protocol=6 | dir=in | app=c:\program files\valve\steam\steam.exe |
"{D42A939E-8FCB-427B-B9B8-EE56333E1F90}" = protocol=17 | dir=in | app=c:\program files\valve\steam\steam.exe |
"{E3581E66-7468-4769-8BC4-8903268C3208}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"TCP Query User{0A33DA54-2497-4CCB-B35E-0A14351DF51D}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{31BDA794-B441-40DF-9368-ED47BF7BE157}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{AEFCAD5B-D150-4A0B-BCC2-CAA4928D8AB6}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{CDF370D0-5E6F-4393-BFFD-0D585C3A0A0C}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{446ADCA4-4F21-4449-83E0-E33B32D95115}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{8C38E226-EF2C-4572-A38E-932ADD7FF7AE}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{9A1B9435-5D14-4DEF-BB40-1DA87E8ABB7B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{A73BA16B-35BF-4FF4-A7ED-E021159A8728}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0295F89F-F698-4101-9A7D-49F407EC2D82}" = HP Active Support Library
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP520_series" = Canon MP520 series
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1CC069FA-1A86-402E-9787-3F04E652C67A}" = HP Support Information
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema
"{2A03B9F8-BE6D-43C6-A16A-B9998A194AF0}" = Garmin Training Center
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{784BEA84-FA66-4B19-BB80-7B545F248AC6}" = HP Total Care Setup
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97B3824E-B2D2-4C49-A860-BCA56F10B040}" = OpenOffice.org 3.2
"{9CC89170-000B-457D-91F1-53691F85B223}" = Python 2.6.1
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.3 - Français
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B84739A3-F943-47E4-95D8-96381EF5AC48}" = HP Customer Experience Enhancements
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{BF1EC9C0-9C10-11DF-BBC7-005056C00008}" = Google Earth
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7D1D93A-B17A-41F8-9070-0B2A544C6165}" = LEGO Star Wars Demo Disc
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AOL Toolbar" = AOL Toolbar 5.0
"avast5" = avast! Free Antivirus
"CANONIJPLM100" = PIXMA Extended Survey Program
"EasyBits Magic Desktop" = Magic Desktop
"eMule" = eMule
"Enregistrement utilisateur de Canon MP520 series" = Enregistrement utilisateur de Canon MP520 series
"Google Chrome" = Google Chrome
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{F7D1D93A-B17A-41F8-9070-0B2A544C6165}" = LEGO Star Wars Demo Disc
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeTrial" = Version de démonstration de Microsoft Office Home and Student 2007
"Oryte_Games_1 Toolbar" = Oryte_Games_1 Toolbar
"PC-Doctor for Windows" = Outils de diagnostic du matériel
"pywin32-py2.6" = Python 2.6 pywin32-212
"ShopperReportsSA" = ShopperReports
"Soft2PC_is1" = Soft2PC 1.4
"Software_is1" = Software 1.3
"VLC media player" = VLC media player 1.0.5
"Vuze_Remote Toolbar" = Vuze_Remote Toolbar
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Installation Windows Live
"Zylom Games Player Plugin" = Zylom Games Player Plugin
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CVitaeV4" = CVitaeV4
"PhotoFiltre Studio X" = PhotoFiltre Studio X
"Xango Tango Deluxe" = Xango Tango Deluxe
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 02/09/2010 08:13:01 | Computer Name = PC-de-syl | Source = WinMgmt | ID = 10
Description =
 
Error - 02/09/2010 11:41:14 | Computer Name = PC-de-syl | Source = WinMgmt | ID = 10
Description =
 
Error - 02/09/2010 13:53:41 | Computer Name = PC-de-syl | Source = WinMgmt | ID = 10
Description =
 
Error - 02/09/2010 14:37:28 | Computer Name = PC-de-syl | Source = Google Update | ID = 20
Description =
 
Error - 02/09/2010 14:39:19 | Computer Name = PC-de-syl | Source = RasClient | ID = 20227
Description =
 
Error - 02/09/2010 14:52:26 | Computer Name = PC-de-syl | Source = RasClient | ID = 20227
Description =
 
Error - 03/09/2010 10:15:52 | Computer Name = PC-de-syl | Source = WinMgmt | ID = 10
Description =
 
Error - 03/09/2010 14:42:37 | Computer Name = PC-de-syl | Source = VSS | ID = 8194
Description =
 
Error - 04/09/2010 05:16:07 | Computer Name = PC-de-syl | Source = WinMgmt | ID = 10
Description =
 
Error - 05/09/2010 05:26:52 | Computer Name = PC-de-syl | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 09/09/2010 12:42:38 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7000
Description =
 
Error - 09/09/2010 12:42:38 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7026
Description =
 
Error - 09/09/2010 12:42:38 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7009
Description =
 
Error - 09/09/2010 12:42:38 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7000
Description =
 
Error - 10/09/2010 09:44:54 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7000
Description =
 
Error - 10/09/2010 09:44:54 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7000
Description =
 
Error - 10/09/2010 09:44:54 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7026
Description =
 
Error - 10/09/2010 10:39:06 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7000
Description =
 
Error - 10/09/2010 10:39:06 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7000
Description =
 
Error - 10/09/2010 10:39:06 | Computer Name = PC-de-syl | Source = Service Control Manager | ID = 7026
Description =
 
 
< End of report >
le bihan
 

Re: infected with ads

Posted on 10 Sep 2010 22:39

I posted the steps to follow ;)
Del-crosseur
 

Re: infected with ads

Posted on 10 Sep 2010 22:40

Since I'm a newbie with PCs: uac team timer sylboc???
I'm completely lost!!!
le bihan
 

Re: infected with ads

Posted on 10 Sep 2010 22:53

Are you talking about this??

*** it is recommended to disable Tea-Timer if you have Spybot-S&D, just for the duration of the scan.


That doesn't apply to you ;)
Del-crosseur
 


